#980512 openafs-modules-dkms: NULL pointer dereference in kernel on module load

#980512#5
Date:
2021-01-20 01:38:50 UTC
This is a clean system, just installed, with no custom configuration (in
fact this is a live-build system booted from iso image).

The openafs kernel module oopses:

[   12.248250] openafs: loading out-of-tree module taints kernel.
[   12.248682] openafs: module license 'http://www.openafs.org/dl/license10.html' taints kernel.
[   12.249062] Disabling lock debugging due to kernel taint
[   12.250229] openafs: module verification failed: signature and/or required key missing - tainting kernel
[   12.256512] Key type afs_pag registered
[   12.311004] enabling dynamically allocated vcaches
[   12.311516] Starting AFS cache scan...
[   12.320135] BUG: kernel NULL pointer dereference, address: 0000000000000000
[   12.321038] #PF: supervisor read access in kernel mode
[   12.321481] #PF: error_code(0x0000) - not-present page
[   12.321901] PGD 0 P4D 0
[   12.322310] Oops: 0000 [#1] SMP NOPTI
[   12.322717] CPU: 1 PID: 1427 Comm: afsd Tainted: P           OE     5.10.0-1-amd64 #1 Debian 5.10.4-1
[   12.323136] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.14.0-2 04/01/2014
[   12.323557] RIP: 0010:osi_get_fh+0x37/0xe0 [openafs]
[   12.323557] Code: 00 4c 8b 47 30 65 48 8b 04 25 28 00 00 00 48 89 44 24 08 8b 05 82 db 04 00 85 c0 0f 4e c2 89 44 24 04 48 8b 47 68 48 8b 40 48 <48> 8b 00 48 85 c0 74 6a 31 c9 48 8d 54 24 04 4c 89 c7 e8 d2 ca 98
[   12.323557] RSP: 0018:ffffaae0c0c23d10 EFLAGS: 00010286
[   12.323557] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 0000000200000000
[   12.323557] RDX: 000000000000000a RSI: ffffffffc0ac7f80 RDI: ffff8b8f29edcf00
[   12.323557] RBP: 0000000000000000 R08: ffff8b8f19e74ae0 R09: 0000000000000064
[   12.323557] R10: ffff8b8f29edcf00 R11: 000000000000736d R12: 0000000000000000
[   12.323557] R13: ffff8b8f05471c00 R14: ffff8b8f3d858000 R15: 0000000000000007
[   12.323557] FS:  00007fc408938400(0000) GS:ffff8b9037c40000(0000) knlGS:0000000000000000
[   12.323557] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[   12.323557] CR2: 0000000000000000 CR3: 000000010e90a000 CR4: 00000000000006e0
[   12.323557] Call Trace:
[   12.323557]  osi_InitCacheInfo+0x4c/0xa0 [openafs]
[   12.323557]  afs_InitCacheInfo+0x36/0x160 [openafs]
[   12.323557]  ? strncpy_from_user+0x4e/0x140
[   12.323557]  ? _cond_resched+0x16/0x40
[   12.323557]  afs_syscall_call+0xe10/0x1ae0 [openafs]
[   12.323557]  afs_syscall+0xe8/0x500 [openafs]
[   12.323557]  afs_unlocked_ioctl+0x73/0xe0 [openafs]
[   12.323557]  proc_reg_unlocked_ioctl+0x4f/0x90
[   12.323557]  __x64_sys_ioctl+0x83/0xb0
[   12.323557]  do_syscall_64+0x33/0x80
[   12.323557]  entry_SYSCALL_64_after_hwframe+0x44/0xa9

Full dmesg since in attachment.
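A small triage helper, added here as an example and not part of this bug report or of the openafs package: it parses the oops above (the sample lines are copied from it and embedded as constructed input) into the fault address, taint flags, faulting symbol and module, and call-trace frames, so a defender can see at a glance that this is a NULL dereference inside an out-of-tree, unsigned module rather than a fault in core kernel code. The regex names, the result dict layout and the second `BUG:` wording are my own choices.

```python
import re

# Constructed sample: lines copied from the oops quoted in this bug report.
SAMPLE_OOPS = """\
[   12.320135] BUG: kernel NULL pointer dereference, address: 0000000000000000
[   12.322717] CPU: 1 PID: 1427 Comm: afsd Tainted: P           OE     5.10.0-1-amd64 #1 Debian 5.10.4-1
[   12.323557] RIP: 0010:osi_get_fh+0x37/0xe0 [openafs]
[   12.323557] Call Trace:
[   12.323557]  osi_InitCacheInfo+0x4c/0xa0 [openafs]
[   12.323557]  afs_InitCacheInfo+0x36/0x160 [openafs]
[   12.323557]  ? strncpy_from_user+0x4e/0x140
[   12.323557]  afs_syscall_call+0xe10/0x1ae0 [openafs]
"""

TS = re.compile(r"^\[\s*\d+\.\d+\]\s*")                       # dmesg timestamp prefix
RE_BUG = re.compile(r"^BUG: .+?(?:,| for) address: ([0-9a-f]+)$")
RE_CPU = re.compile(r"^CPU: \d+ PID: (\d+) Comm: (\S+) Tainted: (.*)$")
RE_SYM = re.compile(r"^(\? )?(?:RIP: [0-9a-f]+:)?(\S+?)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(\w+)\])?$")
# Taint letters that matter here (see Documentation/admin-guide/tainted-kernels.rst).
TAINT = {"P": "proprietary module", "O": "out-of-tree module", "E": "unsigned module"}

def parse_oops(text):
    o, in_trace = {"fault_addr": None, "rip": ("", ""), "frames": [], "taint": ""}, False
    for raw in text.splitlines():
        line = TS.sub("", raw)
        if line == "Call Trace:":
            in_trace = True
        elif (m := RE_BUG.match(line)):
            o["fault_addr"] = int(m[1], 16)
        elif (m := RE_CPU.match(line)):
            o["pid"], o["comm"], words = int(m[1]), m[2], m[3].split()
            end = next((i for i, w in enumerate(words) if w[0].isdigit()), len(words))
            o["taint"] = "".join(words[:end])          # flags stop where the kernel version starts
        elif line.startswith("RIP: ") and (m := RE_SYM.match(line)):
            o["rip"] = (m[2], m[3] or "")
        elif in_trace and (m := RE_SYM.match(line)):
            o["frames"].append((m[2], m[3] or "", bool(m[1])))  # "? " marks an unreliable frame
        elif in_trace:
            in_trace = False                           # first non-frame line ends the trace
    return o

def is_null_deref(o):
    # A fault inside the first page is a NULL (or NULL-plus-small-offset) dereference.
    return o["fault_addr"] is not None and o["fault_addr"] < 4096

def suspect_modules(o):
    # Modules at RIP or in reliable frames: the code to inspect first when triaging.
    mods = {o["rip"][1]} | {m for _, m, unrel in o["frames"] if not unrel}
    return sorted(m for m in mods if m)
```

Run against the full dmesg the same way; for this report it yields fault address 0, taint `POE` and `openafs` as the only suspect module, with `osi_get_fh` at RIP called from `osi_InitCacheInfo`.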